Global IT Security Study from Citrix and The Ponemon Institute Shows
Sixty-Eight Percent Of Business Respondents Say Their Organization’s BYO
Devices Might be Allowing Criminals To Access Corporate Networks And Data

February 07, 2017 12:00 PM Eastern Standard Time

SANTA CLARA, Calif.--(BUSINESS WIRE)--There is no one-size-fits-all security solution to address the threat
landscape today’s businesses face. Each organization has unique security
obstacles and obligations. Billions of dollars have been invested into
IT security solutions and increasing annual security budgets has been an
imperative. In fact, 98% of business respondents reported they will
spend over a million dollars in 2017, per a global study by Citrix and
the Ponemon Institute. However, many of the systems and people in place
are still not able to handle today’s threats.

Security threats increase as more devices crowd networks and as people
have more freedom to work from anywhere, on any device. More devices,
especially bring your own (BYO) devices are the new norm, and businesses
need to put information security at the top of their priority list to
ensure apps and data are secure no matter where they reside or are
accessed. On top of this, businesses need skilled staff to plan how they
will reduce risk and improve the security of their applications and data.

The global study by Citrix and the Ponemon Institute on IT security
infrastructure found that less than half (48%) of survey respondents
said their organization has security policies in place to ensure
employees and third parties only have the appropriate access to
sensitive business information. Not helping is that nearly 70% of
business respondents said that some of their existing security solutions
are outdated and inadequate.

Top security concerns confirmed in the study:

Poor security deployments: 70% said their organization had made
investments in IT security technology that was not successfully
deployed (e.g. shelfware).

Unapproved and rogue app deployments: 65% of respondents said
their organization is not able to reduce the inherent risk of
unapproved applications – increasing risk, including from shadow
IT.

Unmanaged data at risk: 64% say their organization has no way
to effectively reduce the inherent risk of unmanaged data (e.g.
downloaded onto USB drives, shared with third parties, or files with
no expiration date).

Talent pool is small: Only 40% said their organization is
successfully hiring knowledgeable and experienced security
practitioners.

While there’s no silver bullet to fixing security business challenges,
survey respondents shared that they believe there are solutions to help
better manage security challenges:

Creating a unified view: 53% percent believe a unified view of
users across the enterprise.

Becoming proactive: 48% percent answered an ability to keep up
with new or emerging attacks.

Respondents also shared that some specific improvements can be made to
reduce their overall risk:

To learn more about the Ponemon Institute survey findings, visit our landing
page or read the
blog from Citrix vice president and chief technology officer,
Christian Reilly.

These findings are the second installment of the global study from
Citrix and the Ponemon Institute. The first report reviewed how business
complexity is hindering security postures and adding to the shadow IT
trend.

Quotes

Tim Minahan, chief marketing officer, Citrix“Today’s
constantly evolving cybersecurity threat landscape requires a new, more
flexible IT security framework – one that extends beyond traditional
fixed end-point security approaches to deliver threat detection and
protection of apps and data at all stages. Citrix is committed to
delivering such security for data at rest, in motion, and in use.”

Stan Black, chief security officer, Citrix“There are too
many security technologies on the market today that add complexity.
Security today is not about the number of security technologies your
business invests in. It’s about investing in the right security
technologies that will help protect applications and data, no matter
where they’re used or stored. Businesses looking to get ahead of the
cyber security threat landscape need to invest in solutions that have
security built into them. When security is addressed from the start, we
can protect more sensitive business information.”

Survey Methodology

The report conducted by the Ponemon Institute and sponsored by Citrix,
“The Need for a New IT Security Architecture: Global Study” looked at
global trends in IT security risks and reasons why security practices
and policies need to evolve in order to handle threats from disruptive
technologies, cybercrime and compliance mandates. The research features
insights from more than 4,200 IT and IT security practitioners in
Australia/New Zealand, Brazil, Canada, China, Germany, France, India,
Japan, Korea, Mexico, Netherlands, United Arab Emirates, United Kingdom
and the United States.

Citrix (NASDAQ:CTXS) aims to power a world where people, organizations
and things are securely connected and accessible to make the
extraordinary possible. Its technology makes the world’s apps and data
secure and easy to access, empowering people to work anywhere and at any
time. Citrix provides a complete and integrated portfolio of
Workspace-as-a-Service, application delivery, virtualization, mobility,
network delivery and file sharing solutions that enables IT to ensure
critical systems are securely available to users via the cloud or
on-premises and across any device or platform. With annual revenue in
2016 of $3.42 billion, Citrix solutions are in use by more than 400,000
organizations and 100 million users globally. Learn more at www.citrix.com.

For Citrix Investors

This release contains forward-looking statements which are made pursuant
to the safe harbor provisions of Section 27A of the Securities Act of
1933 and of Section 21E of the Securities Exchange Act of 1934. The
forward-looking statements in this release do not constitute guarantees
of future performance. Those statements involve a number of factors that
could cause actual results to differ materially, including risks
associated with the impact of the global economy and uncertainty in the
IT spending environment, revenue growth and recognition of revenue,
products and services, their development and distribution, product
demand and pipeline, economic and competitive factors, the Company's key
strategic relationships, acquisition and related integration risks as
well as other risks detailed in the Company's filings with the
Securities and Exchange Commission. Citrix assumes no obligation to
update any forward-looking information contained in this press release
or with respect to the announcements described herein. The development,
release and timing of any features or functionality described for our
products remains at our sole discretion and is subject to change without
notice or consultation. The information provided is for informational
purposes only and is not a commitment, promise or legal obligation to
deliver any material, code or functionality and should not be relied
upon in making purchasing decisions or incorporated into any contract.